Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RbJPUGABt4nrbWSSkEO_5Kc3g2g.roa
File: RbJPUGABt4nrbWSSkEO_5Kc3g2g.roa (raw, json)
Hash identifier: OfkDy+g9GbMjWA8/iQwg32RDYCpdB4i81Kt1I4iwvp0=
Subject key identifier: 45:B2:4F:50:60:01:B7:89:EB:6D:64:92:90:43:BF:E4:A7:37:83:68
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B088F3184100926668D6D9BC63A43FF62
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RbJPUGABt4nrbWSSkEO_5Kc3g2g.roa
Signing time: Sat 07 Oct 2023 05:14:43 +0000
ROA not before: Sat 07 Oct 2023 05:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:08:8f:31:84:10:09:26:66:8d:6d:9b:c6:3a:43:ff:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 05:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45b24f506001b789eb6d64929043bfe4a7378368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0b:bd:a5:9d:7a:a8:63:a9:37:f5:71:e6:48:
82:b8:75:56:63:03:05:bd:a2:bc:f6:68:e9:0e:aa:
6a:8b:4b:d1:ff:82:79:69:a0:8a:12:f3:75:b4:76:
ec:87:9f:3e:0b:b7:7a:0c:d3:a9:73:8e:ef:51:fe:
15:53:c8:13:ce:f0:cd:ef:b7:fa:c1:b2:6f:88:c7:
3c:60:c9:5a:b3:58:df:9d:7a:3e:bf:10:54:c5:c1:
f4:b5:c2:67:b8:45:be:cb:c5:f5:c6:dc:73:99:77:
d3:5e:1f:0a:ba:20:ec:40:83:18:6e:26:75:49:94:
0d:c3:38:f5:05:68:10:8d:e3:19:05:d7:a2:12:de:
f4:22:84:b0:37:ed:00:9f:2f:29:f7:84:6f:e8:26:
c8:89:c8:32:7c:3c:3c:cd:12:d5:f7:89:91:d2:19:
47:58:99:ac:03:1e:ef:b2:e0:8a:bd:bd:8a:c6:9c:
bf:25:9b:0a:1d:9c:0b:21:5f:0d:40:7b:e8:0c:d3:
5d:70:e9:91:bb:97:2f:2c:9a:03:31:d2:41:53:51:
8b:37:d8:b8:8b:40:eb:41:13:1f:53:1e:71:1b:ba:
85:29:7d:32:b5:d5:d1:31:6a:c2:e2:20:57:71:56:
8b:58:98:46:22:6d:b2:0e:88:a9:fa:a4:92:b9:2b:
29:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B2:4F:50:60:01:B7:89:EB:6D:64:92:90:43:BF:E4:A7:37:83:68
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RbJPUGABt4nrbWSSkEO_5Kc3g2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:60:d0:83:0c:d6:c2:13:a4:86:07:30:66:6f:ef:7d:6a:33:
1d:ac:7f:d4:43:44:47:d9:c9:e8:4a:ae:8a:4c:83:9f:87:6d:
73:78:8a:cb:13:ce:91:15:49:49:b2:77:b9:3d:26:e4:bf:2e:
2b:86:d8:15:7f:fe:a9:2d:af:89:d8:93:31:2a:20:3f:63:63:
c8:97:4f:18:33:db:7b:c1:57:b3:6d:77:a0:9a:d4:b5:6d:88:
ee:01:80:de:36:a0:3f:4f:1a:7f:d2:41:76:6c:db:d1:55:84:
dc:ed:ff:b0:c4:2b:02:f8:54:04:bb:fa:d1:00:c8:8e:b5:81:
a0:bb:4f:a1:d0:79:61:88:f4:03:f0:56:15:c8:d3:17:dd:35:
28:47:f6:f4:96:76:38:f6:d9:6d:d6:94:6e:59:59:03:a4:09:
ca:8c:2b:58:49:c7:53:f3:62:34:ae:3b:be:cc:8e:6c:3d:6a:
6e:4e:58:1c:e4:71:be:41:a0:1c:b8:61:bc:3b:04:51:5a:f5:
36:3c:82:24:c5:fc:57:fa:f4:c0:fa:75:e0:92:06:d3:8c:2a:
2a:ca:31:8b:6c:ce:4d:56:43:c0:98:ca:56:3c:07:60:99:4f:
22:8a:8e:86:79:75:eb:f0:2a:a3:94:92:71:d9:de:2b:f7:2d:
96:11:52:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsIjzGEEAkmZo1tm8Y6Q/9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWIyNGY1MDYwMDFiNzg5ZWI2ZDY0OTI5MDQzYmZlNGE3Mzc4MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgu9pZ16qGOpN/Vx5kiCuHVWYwMF
vaK89mjpDqpqi0vR/4J5aaCKEvN1tHbsh58+C7d6DNOpc47vUf4VU8gTzvDN77f6
wbJviMc8YMlas1jfnXo+vxBUxcH0tcJnuEW+y8X1xtxzmXfTXh8KuiDsQIMYbiZ1
SZQNwzj1BWgQjeMZBdeiEt70IoSwN+0Any8p94Rv6CbIicgyfDw8zRLV94mR0hlH
WJmsAx7vsuCKvb2Kxpy/JZsKHZwLIV8NQHvoDNNdcOmRu5cvLJoDMdJBU1GLN9i4
i0DrQRMfUx5xG7qFKX0ytdXRMWrC4iBXcVaLWJhGIm2yDoip+qSSuSspewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEWyT1BgAbeJ621kkpBDv+SnN4NoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUmJKUFVHQUJ0NG5yYldTU2tFT181S2MzZzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAChg0IMM1sITpIYHMGZv
731qMx2sf9RDREfZyehKropMg5+HbXN4issTzpEVSUmyd7k9JuS/LiuG2BV//qkt
r4nYkzEqID9jY8iXTxgz23vBV7Ntd6Ca1LVtiO4BgN42oD9PGn/SQXZs29FVhNzt
/7DEKwL4VAS7+tEAyI61gaC7T6HQeWGI9APwVhXI0xfdNShH9vSWdjj22W3WlG5Z
WQOkCcqMK1hJx1PzYjSuO77Mjmw9am5OWBzkcb5BoBy4Ybw7BFFa9TY8giTF/Ff6
9MD6deCSBtOMKirKMYtszk1WQ8CYylY8B2CZTyKKjoZ5devwKqOUknHZ3iv3LZYR
Ui4=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:52:40 2025 by rpki-client